
I have a domain that I moved to Route 53, to simplify interoperability with other AWS services. I created a hosted zone, and added a CNAME record for a WWW subdomain. I then went to the ACM and generated a cert, clicking on the 'Create records in Route53' button. This auto-generated the CNAME entry to allow AWS to validate that I am the owner of the domain. After waiting a day or so, it is still in 'pending validation' state, and I am at a loss for how to resolve this.

  • I tried nuking and regenerating the hosted zone.
  • I double checked that no CAA record needed to be created.
  • I tried hand editing the CNAME key and value to ensure that the correct values were present.
  • I tried setting the TTL to 60 seconds to see if that would help speed things up.
  • There are no other certs or DNS entries to confuse the validation scripts.
  • I have waited multiple hours after changes, several days in some cases.

As far as I can tell, I have set up the ultimate 'happy path simple scenario' for getting a valid cert installed, and it still doesn't seem to work.

Am I missing something simple?

  • It shouldn't take long. Try deleting the ACM cert and running it again. If that doesn't work you can either share far more details here including screenshots, or pay to contact AWS Support to get their help.
    – Tim
    Oct 6 at 19:06
  • I think you might be right, and I might have to ping AWS support, Tim. I just wanted to try to do due diligence and make sure I am not missing something obvious.
    – Roger Hill
    Oct 6 at 21:08
  • If you have access to AWS Support, definitely use it any time it will save you time. Doing checks yourself first makes sense.
    – Tim
    Oct 6 at 21:34
